<?php   

/** 
* Authorisation (the controller) 
* Авторизация (контроллер) 
* @author IT studio IRBIS-team 
* @copyright © 2009 IRBIS-team 
*/
/////////////////////////////////////////////////////////

/**
* Generation of page of an error at access out of system
* Генерация страницы ошибки при доступе вне системы
*/
    if(!defined('IRB_KEY'))
    {
       header("HTTP/1.1 404 Not Found");      
       exit(file_get_contents('../../404.html'));
    } 
//////////////////////////////////////////////////////////

/**
* We connect a file of the MySQL functions
* Подключаем файл функций MySQL
*/  
   include './libs/mysql.php'; 
   
/**  
* Authorisation of the user
* Авторизация пользователя 
*/    
	
    if(!$ok && isset($_COOKIE['hash'])) 
    { 
        include './modules/register/functions.php';        
		$_SESSION['user_data'] = getLogin($_COOKIE['hash']);
    } 
    elseif($ok) 
    { 
        $res = mysqlQuery("SELECT *   
                           FROM `". IRB_DBPREFIX ."user`  
                           WHERE `login`    = '". escapeString($POST['value1']) ."' 
                           AND   `password` = '". md5($POST['value2'] . IRB_SALT) ."' 
                          "); 
                     
        if(mysql_num_rows($res) > 0)
		{ 
            $_SESSION['user_data'] = mysql_fetch_assoc($res);
			
			if($POST['value4'])
			{
			    include './modules/register/functions.php';
			    setAutologin($_SESSION['user_data']['id']);
			}
		}
    }

    if(isset($_SESSION['user_data'])) 
	{  
        $info[] = IRB_LANG_SALUTATION_FOR . htmlspecialchars($_SESSION['user_data']['login']) .IRB_LANG_SALUTATION_END;
	//echo $_SERVER['HTTP_REFERER'];
        reDirect('page=requests', 'rem=read');
	}
    else 
        $info[] = IRB_LANG_NO_ACCES;
	
	$query_articles = mysqlQuery("SELECT a.id, a.comment, a.body 
						FROM `". IRB_DBPREFIX ."articles` a
						WHERE a.`id` = 1
						OR	a.`id` = 2
						OR	a.`id` = 3");
	
	if(mysql_num_rows($query_articles) > 0)
	{
		while($row = mysql_fetch_assoc($query_articles))
		{
			$articles[] = $row;
		}
	}
	
	
























	
